Legislation to ensure UK law enforcement and intelligence agencies continue to have access to the vital evidence and information they need in order to investigate criminal activity, prevent terrorism and protect the public has received Royal Assent. The Data Retention and Investigatory Powers Act addresses urgent issues around the retention of communications data by companies as well as the interception of communications. The legislation was brought forward after the European Court of Justice struck down the European directive that formed the basis of UK regulations governing the ability of the police service and others to access communications data retained by communication service providers. The Act provides a clear basis in UK law for the retention of communications data and ensures this crucial information continues to be available when it’s needed. The Act is also a response to uncertainty from overseas communications service providers around the legal framework that underpins their co-operation with intelligence and law enforcement agencies regarding investigatory powers. The Act makes clear the obligations that apply to anyone providing communications services to customers in the UK under Part 1 of the Regulation of Investigatory Powers Act 2000 (RIPA), irrespective of where those companies are based. The Act, which comes into effect immediately, only maintains and clarifies the existing regime and does not create any new powers, rights of access or obligations on companies beyond those that already exist. It also strengthens existing safeguards and includes a two-year ‘sunset clause’ to ensure the legal framework is kept under review into the next Parliament. In parallel, the Government has announced new measures to increase transparency and oversight. Necessary powers and capabilities Home Secretary Theresa May said:” The threats faced by the UK from terrorism and organised crime remain considerable, and the Government would have been negligent if it had not made sure the people and the organisations that keep us safe have the powers and capabilities they need.” May added:” If we had not acted immediately, investigations could have suddenly gone dark overnight. Criminals and terrorists would have been able to go about their work unimpeded, and innocent lives would have been lost.” Continuing the theme, the Home Secretary said:” The Data Retention and Investigatory Powers Act will ensure the job of those who protect us does not become even more difficult and that they can maintain the use of vital powers to solve crime, save lives and protect the public from harm.” The Home Secretary concluded:” This Act has cross-party support and I would like to express my gratitude to all those who recognised both the need for this legislation and the reason why it was so important to see it enacted quickly.” Bringing offenders to justice Communications data is the ‘who, when, where and how’ of a communication, such as a telephone call or an e-mail, but not its content. It’s often the decisive factor in successful prosecutions and has helped police solve a large number of serious crimes, including the Oxford and Rochdale child grooming cases as well as the Soham and Rhys Jones murders. As a result of the ECJ ruling, communications service providers may have started to delete data they are currently required to retain. This would have had potentially devastating consequences for investigations, which often rely on communications data that’s several months old at the point at which it’s requested. The Act provides a clear basis in domestic law for the retention of communications data in the UK. Protecting national security Interception powers, which are subject to very strict controls and oversight, are used alongside other covert capabilities and techniques to identify, understand and disrupt serious criminals and terrorists before they can cause damage or endanger lives. The Act has made explicit what is already implicit in RIPA that the provisions in RIPA which relate to communications data and interception apply to overseas communications companies offering services to UK customers. Any loss of co-operation from the companies would have immediately resulted in a major loss of the powers and capabilities that are used every day to counter the threats we face from terrorists and organised criminals. Introducing new safeguards The UK has one of the best communications data oversight and authorisation systems in the world. Nonetheless, the following steps will be taken to strengthen oversight and transparency: (1) The Independent Reviewer of Counter-Terrorism Legislation will hold a full review of powers and capabilities. (2) The Interception of Communications Commissioner will report every six months on the operation of the legislation. (3) A senior diplomat will be appointed to lead discussions with overseas Governments and communication service providers to assess and develop formal arrangements for the accessing of data for law enforcement and intelligence purposes held in different jurisdictions. (4) An Independent Privacy and Civil Liberties Board will be created to consider the balance between the threat and civil liberties concerns in the UK where they are affected by policies, procedures and legislation relating to the prevention of terrorism. (5) The number of public bodies currently able to request communications data will be reduced. (6) The UK Government will publish annual transparency reports to make more information publicly available than ever before on the ways in which surveillance powers are operated.
Data Retention and Investigatory Powers Bill receives Royal Assent
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.